The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
RCAPUTO / Bot-Pastebot-0.600 / TODO 
------------------------------------
Recent, Miscellaneous, Uncategorized
------------------------------------

This section is generic notes from discussions with other developers.

Yaakov implemented a requested feature: A hit counter for each paste,
so posters can see if anybody has looked at their posts.  The obvious
extension is to discount views from the poster's address.  That way
they don't need to count clicks and subtract things in their heads.

There is a large list of source code beautifiers at
<http://www.softpanorama.org/Tools/beautifiers.shtml>.  Perhaps one or
more of them may be used to beautify/highlight languages other than
Perl.

------------
Yaakov Ideas
------------

Ideas while discussing features with Yaakov.

Move directly from the paste form to the "fetch" page.  Discard the
answer page.

  Requires the direct URL to be placed on the "fetch" page.

Allow channels to be embedded in the URL.  This is a simple form of
virtual hosting.  More complex forms are also possible.

  Done properly, each channel might have its own database.

Allow per-channel configurations, especially with the templates used
to render pastes.

  Channel -> template -> HTML

  Save the channel in the paste record.  This simplifies lookups to
  the point where you don't need to include the channel.

  Paste Number -> record -> channel -> template -> HTML

Allow channel aliases, /js/ instead of /#javascript/, etc.

If the channel is specified in the paste request, we can match it
against the paste number.  If they don't match, we can 404 it.  In
other words, don't show pastes from other channels.  Some other form
of vhosting might be more appropriate, such as using multiple ports or
watching the Host header.

Have the bot respond to permutations of "no paste" by presenting its
URL.  Also, the devoice- (or kick-) on-flood.

Perform bans, modifications based on paste number, not IP address.
That is, the paster's address is opaque to users, ops, but they can
still prevent people from abusing the system.

  No plan of action is assigned to this task.

Plan of action.

  1. Store the channel with the paste record.  Already done.
  2. Move the "fetch paste" code to a subroutine.
     Call it from the "fetch paste" URL trigger and from the end of
     the "store paste" URL trigger.  This replaces the
     template-answer.html already there.
  3. Channel-based template lookup.
     Hash the network and channel names into a path.
     Attempt to read the template from there.
     If failure, read the template from a default location.
     Continue with the rendering as usual.
  4. Create public message triggers for variations of "no paste".
     Build an URL from the %conf records associated with the network
     and channel where the bot heard the trigger.

-----------------
Time-limited keys
-----------------

Pastebot, like every other tool, has the ability to be abused.  Adding
time-limited keys for paste functions would probably reduce this
potential at a cost of less convenience.

*** Get a key from the bot.

User sends:

  /msg [bot] getkey [channel]
  /msg [bot] getkey [nick]

Bot returns:

  /msg [user] You may paste to [channel] via http://host/paste/[key]
  /msg [user] You may paste to [nick] via http://host/paste/[key]

The [key] will be available for some time period, perhaps an hour,
before it expires.  [nick] or [channel] ops would be able to expire
the key early and possibly block the user from acquiring new keys in
the future.

*** Give someone else a key.

Public responses to a paste in progress might trigger key generation.
Possible public messages to look for:

  [nick]: no paste!
  [nick]: don't paste!
  [nick]: no pasting!
  etc.

The bot would generate a new key and /msg it to [nick]:

  /msg [nick] You may paste to [channel] via http://host/paste/[key]

Whoever publicly admonished the paster would receive an
acknowledgment:

  /msg [admonisher] I sent a paste key to [nick].

*** Private proactive paste prevention.

When someone has expressed the intention of pasting on-channel,
another user can trigger pastebot to send them a key.  This explains
the bot's purpose and creates the paste key all at once.

Someone's joined the channel and said:

  Can I show you some poetry I wrote?

Someone on-channel catches this and rather than explain the bot types:

  /msg [bot] meet [nick]

The bot then sends [nick] this private message:

  /msg [nick] [requester] has requested that you paste via the web.
  You may paste to [channel] by visiting http://host/paste/[key] ...
  To avoid future problems, /msg [bot] help

*** Automatic key generation.

The bot could incorporate flood detection.  On detecting flood, it can
automatically generate a key and send it to the offending person.
Optionally, it can kick the flooder or set them -v.

Channel ops would be upset if it did this to them, so detect and
ignore +o people. :)

*** Disallow anonymous paste.

Remove the personal ID fields from the web form.  Fill them in based
on the channel and nick requesting keys through IRC.  This is a small
convenience as a side effect of the larger inconvenience of using
one-time keys.

-------------
Web accounts.
-------------

Have persistent accounts with information about each user's viewing
preferences.  Per-viewer settings might include:

Tab widths, although it may be better if the paster could specify
this.

Admin flags, so users can maintain the bot via the web.

Having an authenticated web account means not needing to publish your
IP address.

---------------------
Paste Via Form Upload
---------------------

Add a standard "Browse" button and filename field, and let people
upload via the form.

Also let people download verbatim with a link/button, to circumvent
crappy HTML renderers.

---------------
Paste Via Email
---------------

This could be done now with a simple mail gateway, but there's
considerations with being able to block access.

Ideally it would unwrap attachments (maybe just the first attachment)
if any and paste that rather than just pasting the source of the mail.

It should be possible to block abuses in such a way that attempts to
forge the From line fail.

Suggested by Uri on Magnet #perl.

-------------------
Paste via DCC chat.
-------------------

Some people don't have web access, or have really bad browsers, or are
too lazy to be bothered, or just prefer IRC over the web.  Provide a
way for them to DCC chat the bot and paste into it that way.

User:

  /dcc [bot] chat

The bot accepts the chat request.  The user pastes their paste into
the query, then closes the chat to save it.

  /dcc [bot] close

The bot posts the paste on the web.

*** Reverse DCC chat.

Reverse DCC chat, like eggdrops do, will be needed for people behind
firewalls.

  /ctcp [bot] chat

Then the bot sends a DCC chat request to the user.  The user accepts,
and everything else happens as outlined above.

*** Paste shell over DCC chat.

Add a miniature paste editor so people can specify channel, summary,
and other information for the paste.  More importantly, let users
paste multiple things per chat session.

  To: [channel or nick]
  Subject: A nice subject for the web listing/messaging.

  paste
  paste
  paste

------------------
Internal features.
------------------

These features are not necessarily visible to end users, but they'll
make visible changes easier.

*** Make databases persistent.

User state tracking.  Probably with POE::Component::UserBase.

Replace the web server code with POE::Component::Server::HTTP.

At one point someone suggested POE::Component::IRCbot.  Find out if
that's ready, and possibly use it in place of pastebot's code.

Background name/address resolution.  Replace numeric addresses with
their proper machine names, using POE::Component::Client::DNS so
things don't halt during the process.

----
End.
----